def run(self, domain):
domain_name = domain.get_name()
request = Request()
nameserver = request.request_nameserver(domain_name)
print('[+] DNS name server are:')
for ns in nameserver:
domain.set_nameserver(ns)
print (' | ', str(ns))
request = Request()
print('\n[*] Trying zone transfer for each nameserver:')
spf_record = request.check_SPFRecord(domain.get_nameserver())
if spf_record:
print(Fore.GREEN + ' | SPF Record: ' + Fore.RESET)
for data in spf_record:
print(' | ' + data)
nodes = request.try_zonetransfer(domain.get_nameserver(), domain_name)
if not nodes:
print(Fore.RED + ' | Transfer failed')
print(' | Probably blocked from ' + domain_name + Fore.RESET)
else:
domain.set_zonetransfer()
for n in nodes.keys():
node_text = nodes[n].to_text(n)
#check IN A
checkInAOutput = checkInA(node_text)
if checkInAOutput is not None:
print((Fore.GREEN + ' | ' + str(n) + '.' + domain_name ).ljust(40) + ' -- ' + checkInAOutput + Fore.RESET)
else:
#check IN CNAME
checkInCNAMEOutput = checkInCNAME(node_text, nodes)
if checkInCNAMEOutput is not None:
print((Fore.GREEN + ' | ' + str(n) + '.' + domain_name).ljust(40) + ' -- ' + checkInCNAMEOutput + Fore.RESET)
def test_request_verify_url_status(self, curl_mock, string_mock):
curl_class = curl_mock.return_value
string_class = string_mock.return_value
string_class.getvalue.return_value = "Successful result"
req = Request('http://example.com', False)
resp = req.executeRequest('status_request', {})
self.assertEquals(req.action_url, 'http://example.com/gwprocessor2.php?a=status_request')
def test_request_no_ssl(self, curl_mock, string_mock):
curl_class = curl_mock.return_value
curl_class.setopt.return_value = True
string_class = string_mock.return_value
string_class.write.return_value = None
req = Request('http://example.com/', False)
resp = req.executeRequest('init', {})
curl_class.setopt.assert_called_with(pycurl.WRITEFUNCTION, string_class.write)
self.assertEquals(curl_class.setopt.call_count, 7)
def test_request_no_ssl(self, curl_mock, string_mock):
curl_class = curl_mock.return_value
curl_class.setopt.return_value = True
string_class = string_mock.return_value
string_class.write.return_value = None
req = Request('http://example.com/', False)
resp = req.executeRequest('init', {})
curl_class.setopt.assert_called_with(pycurl.WRITEFUNCTION,
string_class.write)
self.assertEquals(curl_class.setopt.call_count, 7)
def test_request_verify_url_status(self, curl_mock, string_mock):
curl_class = curl_mock.return_value
string_class = string_mock.return_value
string_class.getvalue.return_value = "Successful result"
req = Request('http://example.com', False)
resp = req.executeRequest('status_request', {})
self.assertEquals(
req.action_url,
'http://example.com/gwprocessor2.php?a=status_request')
def test_request_response_success(self, curl_mock, string_mock):
curl_class = curl_mock.return_value
curl_class.setopt.return_value = True
curl_class.perform.return_value = None
string_class = string_mock.return_value
string_class.write.return_value = None
string_class.getvalue.return_value = "Successful result"
req = Request('http://example.com/', False)
resp = req.executeRequest('init', {})
self.assertTrue(resp.is_success())
self.assertEquals(resp.get_status(), response.SUCCESS)
self.assertEquals(resp.get_content(), "Successful result")
def test_request_response_success(self, curl_mock, string_mock):
curl_class = curl_mock.return_value
curl_class.setopt.return_value = True
curl_class.perform.return_value = None
string_class = string_mock.return_value
string_class.write.return_value = None
string_class.getvalue.return_value = "Successful result"
req = Request('http://example.com/', False)
resp = req.executeRequest('init', {})
self.assertTrue(resp.is_success())
self.assertEquals(resp.get_status(), response.SUCCESS)
self.assertEquals(resp.get_content(), "Successful result")
def test_request_response_failure(self, curl_mock, string_mock):
curl_class = curl_mock.return_value
curl_class.setopt.return_value = True
curl_class.perform.return_value = None
string_class = string_mock.return_value
string_class.write.return_value = None
string_class.getvalue.return_value = ""
curl_class.errstr.return_value = "Testing for error"
req = Request('http://example.com/', False)
resp = req.executeRequest('init', {})
self.assertFalse(resp.is_success())
self.assertEquals(resp.get_status(), response.FAILURE)
self.assertEquals(resp.get_content(), "Testing for error")
def test_request_response_failure(self, curl_mock, string_mock):
curl_class = curl_mock.return_value
curl_class.setopt.return_value = True
curl_class.perform.return_value = None
string_class = string_mock.return_value
string_class.write.return_value = None
string_class.getvalue.return_value = ""
curl_class.errstr.return_value = "Testing for error"
req = Request('http://example.com/', False)
resp = req.executeRequest('init', {})
self.assertFalse(resp.is_success())
self.assertEquals(resp.get_status(), response.FAILURE)
self.assertEquals(resp.get_content(), "Testing for error")
def process_connection(self, connection):
with connection:
r = b''
while True:
content = connection.recv(1024)
r += content
if len(content) != 1024:
break
log('request log:\n <{}>'.format(r))
r = r.decode()
if r:
request = Request(r)
response = Response()
m_num = len(self.middlewares)
if m_num > 0:
# 下一个中间件的 index
next_i = 0
def next():
nonlocal next_i
if next_i == m_num:
self.handle_path(request, response)
else:
m = self.middlewares[next_i]
next_i += 1
m(request, response, next)
next()
else:
self.handle_path(request, response)
# 把响应发送给客户端
connection.sendall(response.toHttp())
def search_login(domain):
try:
response = Request.get_request(domain.get_name(),
'/typo3/index.php')
regex = re.compile('<title>(.*)</title>', re.IGNORECASE)
searchTitle = regex.search(response[0])
title = searchTitle.groups()[0]
login_text = Fore.GREEN + domain.get_name(
) + '/typo3/index.php' + Fore.RESET
login_text += '\n | Accessible?'.ljust(30)
if ('TYPO3 Backend access denied: The IP address of your client'
in response[0]) or (response[3] == 403):
login_text += (Fore.YELLOW +
' Forbidden (IP Address Restriction)' +
Fore.RESET)
elif (('TYPO3 Login' in title) or ('TYPO3 CMS Login') in title):
login_text += Fore.GREEN + ' Yes' + Fore.RESET
else:
login_text = Fore.RED + 'Could not be found' + Fore.RESET
domain.set_login_found(login_text)
return True
except:
return False
def search_typo3_version(self, domain):
files = {
'/typo3_src/ChangeLog':
'[Tt][Yy][Pp][Oo]3 (\d{1,2}\.\d{1,2}\.?[0-9]?[0-9]?)',
'/ChangeLog':
'[Tt][Yy][Pp][Oo]3 (\d{1,2}\.\d{1,2}\.?[0-9]?[0-9]?)',
'/typo3_src/NEWS.txt':
'http://wiki.typo3.org/TYPO3_(\d{1,2}\.\d{1,2})',
'/typo3_src/NEWS.md':
'[Tt][Yy][Pp][Oo]3 [Cc][Mm][Ss] (\d{1,2}\.\d{1,2}) - WHAT\'S NEW',
'/NEWS.txt': 'http://wiki.typo3.org/TYPO3_(\d{1,2}\.\d{1,2})',
'/NEWS.md':
'[Tt][Yy][Pp][Oo]3 [Cc][Mm][Ss] (\d{1,2}\.\d{1,2}) - WHAT\'S NEW',
'/INSTALL.md':
'[Tt][Yy][Pp][Oo]3 [Cc][Mm][Ss] (\d{1,2}(.\d{1,2})?)',
'/INSTALL.md': '[Tt][Yy][Pp][Oo]3 v(\d{1})'
}
version = 'could not be determined'
for path, regex in files.items():
response = Request.version_information(domain.get_name(), path,
regex)
if not (response is None):
string = '[!] ' + 'Found version file:'
print(string.ljust(30) + path)
if (version is 'could not be determined'):
version = response
elif (len(response) > len(version)):
version = response
domain.set_typo3_version(version)
def search_typo3_version(self, domain):
files = {'/typo3_src/ChangeLog':'[Tt][Yy][Pp][Oo]3 (\d{1,2}\.\d{1,2}\.?[0-9]?[0-9]?)',
'/ChangeLog':'[Tt][Yy][Pp][Oo]3 (\d{1,2}\.\d{1,2}\.?[0-9]?[0-9]?)',
'/typo3_src/NEWS.txt':'http://wiki.typo3.org/TYPO3_(\d{1,2}\.\d{1,2})',
'/typo3_src/NEWS.md':'[Tt][Yy][Pp][Oo]3 [Cc][Mm][Ss] (\d{1,2}\.\d{1,2}) - WHAT\'S NEW',
'/NEWS.txt':'http://wiki.typo3.org/TYPO3_(\d{1,2}\.\d{1,2})',
'/NEWS.md':'[Tt][Yy][Pp][Oo]3 [Cc][Mm][Ss] (\d{1,2}\.\d{1,2}) - WHAT\'S NEW',
'/INSTALL.md':'[Tt][Yy][Pp][Oo]3 [Cc][Mm][Ss] (\d{1,2}(.\d{1,2})?)',
'/INSTALL.md':'[Tt][Yy][Pp][Oo]3 v(\d{1})'
}
version = 'could not be determined'
for path, regex in files.items():
response = Request.version_information(domain.get_name(), path, regex)
if not (response is None):
string = '[!] ' + 'Found version file:'
print(string.ljust(30) + path)
if (version is 'could not be determined'):
version = response
elif (len(response) > len(version)):
version = response
domain.set_typo3_version(version)
def connect(self):
"""
This method checks the connection with TOR.
If TOR is not used, the program will exit
"""
print('\nChecking connection...')
socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, '127.0.0.1',
self.__port, True)
socks.socket.setdefaulttimeout(20)
socket.socket = socks.socksocket
try:
request = Request.get_request('https://check.torproject.org', '/')
response = request[0]
except:
print('Failed to connect through TOR!')
print('Please make sure your configuration is right!\n')
sys.exit(-2)
try:
regex = re.compile(
'Congratulations. This browser is configured to use Tor.')
searchVersion = regex.search(response)
version = searchVersion.groups()
print('Connection to TOR established')
regex = re.compile("(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})")
searchIP = regex.search(response)
IP = searchIP.groups()[0]
print('Your IP is: ', IP)
except Exception as e:
print(e)
print('It seems like TOR is not used.\nAborting...\n')
sys.exit(-2)
def check_404(domain):
domain_name = domain.get_name()
response = Request.get_request((domain_name.split('/')[0] + '//' + domain_name.split('/')[2]), '/idontexist')
try:
regex = re.compile('[Tt][Yy][Pp][Oo]3 CMS')
searchInstallation = regex.search(response[0])
installation = searchInstallation.groups()
domain.set_typo3()
return True
except:
return False
def check_404(domain):
domain_name = domain.get_name()
response = Request.get_request(
(domain_name.split('/')[0] + '//' + domain_name.split('/')[2]),
'/idontexist')
try:
regex = re.compile('[Tt][Yy][Pp][Oo]3 CMS')
searchInstallation = regex.search(response[0])
installation = searchInstallation.groups()
domain.set_typo3()
return True
except:
return False
def check_root(domain):
response = Request.get_request(domain.get_name(), '/')
if re.search('[Tt][Yy][Pp][Oo]3', response[0]):
domain.set_typo3()
headers = Request.interesting_headers(response[1], response[2])
for key in headers:
domain.set_interesting_headers(key, headers[key])
try:
path = re.search('(href|src|content)=(.{0,35})(typo3temp/|typo3conf/)', response[0])
if not (path.groups()[1] == '"' or '"../' in path.groups()[1]):
real_path = (path.groups()[1].split('"')[1])
if 'http' in real_path:
domain.set_name(real_path[0:len(real_path)-1])
else:
domain.set_name(domain.get_name() + real_path[0:len(real_path)-1])
domain.set_path(real_path[0:len(real_path)-1])
except:
pass
return True
else:
return False
def onConnect(self, con, address):
data = con.recv(4080)
if isinstance(data, bytes):
data = data.decode('utf-8')
parsed = Request(data, address)
func = self.routes.get(parsed.path.lower())
print(self.routes, parsed.success)
if not parsed.success or not func: # 404
return con.send(b"HTTP/1.1 404 Not Found")
resp = func(parsed)
if not isinstance(resp, Response):
raise TypeError(
"Invalid response from function {func}".format(func=func))
con.send("HTTP/1.1 {0} OK\n{1}".format(resp.status_code,
resp.html).encode('utf-8'))
def __get_category_list(self) -> List:
"""
カテゴリーリストを取得する
:return: カテゴリーのURLリスト
"""
"""一旦カテゴリーリストを取得する"""
nav_list = []
soup = Request.exec(self.BASE_URL)
li_tags = soup.find_all('li')
"""カテゴリーだけ取得する"""
for li in li_tags:
li_class_array = li.get('class')
if li_class_array and 'mdTopNav01Item' in li_class_array:
nav = li.find_all('a')[0]
nav_link = nav.get('href')
nav_list.append(self.BASE_URL + nav_link)
return nav_list
def check_default_files(domain):
files = {'/typo3_src/README.md':'[Tt][Yy][Pp][Oo]3 [Cc][Mm][Ss]',
'/typo3_src/README.txt':'[Tt][Yy][Pp][Oo]3 [Cc][Mm][Ss]',
'/typo3_src/INSTALL.txt':'INSTALLING [Tt][Yy][Pp][Oo]3',
'/typo3_src/INSTALL.md':'INSTALLING [Tt][Yy][Pp][Oo]3',
'/typo3_src/LICENSE.txt':'[Tt][Yy][Pp][Oo]3'
}
for path, regex in files.items():
try:
response = Request.get_request(domain.get_name(), path)
regex = re.compile(regex)
searchInstallation = regex.search(response[0])
installation = searchInstallation.groups()
domain.set_typo3()
return True
except:
pass
return False
def search_login(domain):
try:
response = Request.get_request(domain.get_name(), '/typo3/index.php')
regex = re.compile('<title>(.*)</title>', re.IGNORECASE)
searchTitle = regex.search(response[0])
title = searchTitle.groups()[0]
login_text = Fore.GREEN + domain.get_name() + '/typo3/index.php' + Fore.RESET
login_text += '\n | Accessible?'.ljust(30)
if ('TYPO3 Backend access denied: The IP address of your client' in response[0]) or (response[3] == 403):
login_text += (Fore.YELLOW + ' Forbidden (IP Address Restriction)' + Fore.RESET)
elif (('TYPO3 Login' in title) or ('TYPO3 CMS Login') in title):
login_text += Fore.GREEN + ' Yes' + Fore.RESET
else:
login_text = Fore.RED + 'Could not be found' + Fore.RESET
domain.set_login_found(login_text)
return True
except:
return False
def check_default_files(domain):
files = {
'/typo3_src/README.md': '[Tt][Yy][Pp][Oo]3 [Cc][Mm][Ss]',
'/typo3_src/README.txt': '[Tt][Yy][Pp][Oo]3 [Cc][Mm][Ss]',
'/typo3_src/INSTALL.txt': 'INSTALLING [Tt][Yy][Pp][Oo]3',
'/typo3_src/INSTALL.md': 'INSTALLING [Tt][Yy][Pp][Oo]3',
'/typo3_src/LICENSE.txt': '[Tt][Yy][Pp][Oo]3'
}
for path, regex in files.items():
try:
response = Request.get_request(domain.get_name(), path)
regex = re.compile(regex)
searchInstallation = regex.search(response[0])
installation = searchInstallation.groups()
domain.set_typo3()
return True
except:
pass
return False
def get_detail_list(link: str, callback) -> None:
detail_list = []
"""url ごとにテキストを詰める"""
text_array = []
detail = {}
max_page_num = 10
current_page = 1
while current_page <= max_page_num:
request_path = link + '?page=' + str(current_page)
html = Request.exec(request_path)
"""取得対象のセレクタ"""
contents = html.select(
'.mdMTMWidget01ItemTweet01View,.mdMTMWidget01Content01Txt,'
'.mdMTMWidget01ItemQuote01Txt,.mdMTMWidget01ItemComment01View,'
'.mdMTMWidget01ItemDesc01View')
for content in contents:
text = content.get_text(strip=True)
if text:
text_array.append(text)
page_element = html.select('.MdPagination03 a')
page_list = []
if len(page_list) == 0:
for page in page_element:
page_list.append(int(page.string))
max_page_num = max(page_list) if page_list else 1
current_page += 1
detail['link'] = link
detail['content'] = text_array
detail_list.append(detail)
callback(detail_list)
def __get_link_in_category(self,
current_page: int,
path: str,
max_page_num: int = 50) -> List:
"""
カテゴリーページ内にあるリンクを取得する
:param current_page: 現在のページ番号
:param path: URL
:param max_page_num: 最大ページ番号
:return: カテゴリーページ内にあるURLリスト
"""
links = []
page_list = [] # type: List[int]
while current_page <= max_page_num:
request_path = path + '?page=' + str(current_page)
soup = Request.exec(request_path)
a_tags = soup.find_all("a")
"""トップページにある有効なリンクを配列に詰める"""
for a in a_tags:
href = a.get("href")
text = a.get_text(strip=True)
"""
- /odai/ で始まるリンク
- a タグ内が空でない
- /odai/new 以外
"""
if '/odai/' in href and text and href != '/odai/new':
links.append(self.BASE_URL + href)
"""ページ数を取得する"""
if len(page_list) == 0 and href == '#' and 'goPage' in a.get(
'onclick'):
page_list.append(int(text))
if len(page_list) == 0:
max_page_num = max(page_list)
current_page += 1
return links
def status(self, data):
validator = Validator('status', data)
request_data = self.__build_data(validator.execute())
req = Request(self.access_data['apiUrl'], self.access_data['verifySSL'])
return req.executeRequest('status_request', request_data)
def _application(self, environ, start_response):
'''handle request for this router'''
req = Request(environ)
res = Response()
pipeline = self.tree.build_pipeline(req)
return pipeline.handler(req, res)(environ, start_response)
def init_recurrent(self, data):
validator = Validator('init_recurrent', data)
request_data = self.__build_data(validator.execute())
req = Request(self.access_data['apiUrl'], self.access_data['verifySSL'])
return req.executeRequest('init_recurrent', request_data)
def charge_hold(self, data):
validator = Validator('charge_hold', data)
request_data = self.__build_data(validator.execute())
req = Request(self.access_data['apiUrl'], self.access_data['verifySSL'])
return req.executeRequest('charge_hold', request_data)
def __init__(self, environ): self.loggedUser = None Request.__init__(self, environ)
def status(self, data):
validator = Validator('status', data)
request_data = self.__build_data(validator.execute())
req = Request(self.access_data['apiUrl'],
self.access_data['verifySSL'])
return req.executeRequest('status_request', request_data)
def charge_hold(self, data):
validator = Validator('charge_hold', data)
request_data = self.__build_data(validator.execute())
req = Request(self.access_data['apiUrl'],
self.access_data['verifySSL'])
return req.executeRequest('charge_hold', request_data)
def init_recurrent(self, data):
validator = Validator('init_recurrent', data)
request_data = self.__build_data(validator.execute())
req = Request(self.access_data['apiUrl'],
self.access_data['verifySSL'])
return req.executeRequest('init_recurrent', request_data)
def __init__(self, parent=None):
BaseInteractorStyle.__init__(self, parent)
self.request = Request(token="")